Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-f7dh-1ngq-5kdz
Summary
Improper Authentication in Apache Hadoop
The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication.
Aliases
0
alias CVE-2013-2192
1
alias GHSA-pxv5-5vmp-3jj4
Fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.9
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-kt1w-97bw-r7bp
5
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.9
1
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.6-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.6-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-kt1w-97bw-r7bp
7
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.6-alpha
Affected_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.0
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-f7dh-1ngq-5kdz
2
vulnerability VCID-kt1w-97bw-r7bp
3
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.0
1
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.1
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.1
2
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.3
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.3
3
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.4
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.4
4
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.5
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.5
5
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.6
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.6
6
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.7
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.7
7
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.8
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-f7dh-1ngq-5kdz
5
vulnerability VCID-kt1w-97bw-r7bp
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.8
8
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.0
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1xbr-pekw-ukcn
2
vulnerability VCID-a8xd-ukj7-tqbk
3
vulnerability VCID-f7dh-1ngq-5kdz
4
vulnerability VCID-kt1w-97bw-r7bp
5
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.0
9
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.1-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.1-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-f7dh-1ngq-5kdz
7
vulnerability VCID-kt1w-97bw-r7bp
8
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.1-alpha
10
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.2-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.2-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-f7dh-1ngq-5kdz
7
vulnerability VCID-kt1w-97bw-r7bp
8
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.2-alpha
11
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.3-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.3-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-f7dh-1ngq-5kdz
7
vulnerability VCID-kt1w-97bw-r7bp
8
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.3-alpha
12
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.4-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.4-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-f7dh-1ngq-5kdz
7
vulnerability VCID-kt1w-97bw-r7bp
8
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.4-alpha
13
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.5-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.5-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-f7dh-1ngq-5kdz
7
vulnerability VCID-kt1w-97bw-r7bp
8
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.5-alpha
14
url pkg:rpm/redhat/jasperreports-server-pro@5.5.0-4?arch=el6ev
purl pkg:rpm/redhat/jasperreports-server-pro@5.5.0-4?arch=el6ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f7dh-1ngq-5kdz
1
vulnerability VCID-hj44-args-tfa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasperreports-server-pro@5.5.0-4%3Farch=el6ev
References
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0037.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0037.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0400.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0400.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2192.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2192.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2192
reference_id
reference_type
scores
0
value 0.00125
scoring_system epss
scoring_elements 0.31206
published_at 2026-05-09T12:55:00Z
1
value 0.00125
scoring_system epss
scoring_elements 0.31363
published_at 2026-04-26T12:55:00Z
2
value 0.00125
scoring_system epss
scoring_elements 0.31282
published_at 2026-04-29T12:55:00Z
3
value 0.00125
scoring_system epss
scoring_elements 0.3113
published_at 2026-05-05T12:55:00Z
4
value 0.00125
scoring_system epss
scoring_elements 0.31199
published_at 2026-05-07T12:55:00Z
5
value 0.00125
scoring_system epss
scoring_elements 0.31685
published_at 2026-04-01T12:55:00Z
6
value 0.00125
scoring_system epss
scoring_elements 0.31817
published_at 2026-04-02T12:55:00Z
7
value 0.00125
scoring_system epss
scoring_elements 0.31861
published_at 2026-04-04T12:55:00Z
8
value 0.00125
scoring_system epss
scoring_elements 0.3168
published_at 2026-04-07T12:55:00Z
9
value 0.00125
scoring_system epss
scoring_elements 0.31732
published_at 2026-04-08T12:55:00Z
10
value 0.00125
scoring_system epss
scoring_elements 0.31762
published_at 2026-04-09T12:55:00Z
11
value 0.00125
scoring_system epss
scoring_elements 0.31765
published_at 2026-04-11T12:55:00Z
12
value 0.00125
scoring_system epss
scoring_elements 0.31725
published_at 2026-04-12T12:55:00Z
13
value 0.00125
scoring_system epss
scoring_elements 0.31689
published_at 2026-04-13T12:55:00Z
14
value 0.00125
scoring_system epss
scoring_elements 0.31721
published_at 2026-04-16T12:55:00Z
15
value 0.00125
scoring_system epss
scoring_elements 0.31699
published_at 2026-04-18T12:55:00Z
16
value 0.00125
scoring_system epss
scoring_elements 0.31667
published_at 2026-04-21T12:55:00Z
17
value 0.00125
scoring_system epss
scoring_elements 0.31491
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2192
4
reference_url http://seclists.org/fulldisclosure/2013/Aug/251
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2013/Aug/251
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2192
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-2192
6
reference_url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1001326
reference_id 1001326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1001326
8
reference_url https://github.com/advisories/GHSA-pxv5-5vmp-3jj4
reference_id GHSA-pxv5-5vmp-3jj4
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pxv5-5vmp-3jj4
9
reference_url https://access.redhat.com/errata/RHSA-2014:0037
reference_id RHSA-2014:0037
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0037
10
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
11
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
Weaknesses
0
cwe_id 287
name Improper Authentication
description When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score0.1 - 3
Exploitability0.5
Weighted_severity2.7
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-f7dh-1ngq-5kdz